1.3.1 Object-Based Perspective
The object-based perspective shows that the protocol exposes five main object abstractions: a server object, a domain object, a group object, an alias object (an "alias" being a type of group), and a user object. A client obtains a "handle" (an RPC context handle) to one of these objects and then performs one or more actions on the object.
The following is a brief listing of methods that operate on each of the respective object types.
For example, to set a policy that limits the minimum length of passwords to eight characters for all users, a client opens a handle to a domain object and updates the minimum length password policy setting via a parameter field called MinPasswordLength. The call sequence from the client appears as follows (with the parameter information removed for brevity):
(a) Send a SamrConnect5 request; receive the SamrConnect5 reply.
(b) Send a SamrOpenDomain request; receive the SamrOpenDomain reply.
(c) Send a SamrSetInformationDomain request; receive the SamrSetInformationDomain reply.
(d) Send a SamrCloseHandle request; receive the SamrCloseHandle reply.
(e) Send a SamrCloseHandle request; receive the SamrCloseHandle reply.
This sequence is expanded in the following brief explanation:
Step (a): Using the network address of a server that implements this protocol, a client makes a SamrConnect5 request to obtain a handle to a server object. This server handle is necessary to obtain a subsequent handle to a domain object.
Step (b): Using the handle returned from SamrConnect5, the client makes a SamrOpenDomain request to obtain a handle to a domain object.
Step (c): Using the handle returned from SamrOpenDomain, the client makes a SamrSetInformationDomain request, setting the MinPasswordLength parameter field to eight.
Steps (d) and (e): The client closes the handles returned from SamrOpenDomain and SamrConnect5 by using SamrCloseHandle. These steps release server resources associated with the handle; the order in which the handles are released is not important.
Section 4.1 provides an additional example.